From 0484e916932dd76b398a04bbfc7365b40119188a Mon Sep 17 00:00:00 2001 From: Markus Hauschild Date: Mon, 7 Dec 2020 17:18:07 +0100 Subject: [PATCH] dns_auth: support dns slaves --- group_vars/all/vars.yml | 4 ++++ roles/dns_auth/templates/pdns.conf.j2 | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 0a19aa9..6d22384 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -8,6 +8,10 @@ dnsdist_targets: - gw31.regensburg.freifunk.net:8053 - resolver.regensburg.freifunk.net:8053 +dns_slaves: +- 195.201.117.207 +- 2a01:4f8:1c0c:7dda::1 + fastd_targets: - gw11.regensburg.freifunk.net:9281 - gw21.regensburg.freifunk.net:9281 diff --git a/roles/dns_auth/templates/pdns.conf.j2 b/roles/dns_auth/templates/pdns.conf.j2 index 2a5956b..95b4f97 100644 --- a/roles/dns_auth/templates/pdns.conf.j2 +++ b/roles/dns_auth/templates/pdns.conf.j2 @@ -2,7 +2,7 @@ # allow-axfr-ips Allow zonetransfers only to these subnets # # allow-axfr-ips=127.0.0.0/8,::1 -allow-axfr-ips=127.0.0.1,::1 +allow-axfr-ips=127.0.0.1,::1,{{ dns_slaves | join(',') }} ################################# # dname-processing If we should support DNAME records